Obtaining And Importing The Lkm Certificate - Brocade Communications Systems Brocade 8/12c User Manual
Brocade network advisor san user manual v11.1x (53-1002167-01, may 2011)
Hide thumbs
Also See for Brocade 8/12c:
- Command reference manual (1132 pages) ,
- Reference (362 pages) ,
- Administrator's manual (282 pages)
Table of Contents
Advertisement
1. Select an LKM group from the Encryption Center Devices table, then select Group > Link Keys
2. Select the switch, then click Establish.
3. Launch the NetApp DataFort Management Console (DMC) and click the View Unapproved
4. Select the switch, then click Approve and Create TAP.
5. Provide a label in the dialog box, then click Approve to approve the TEP.
6. Save the TAP to a file (location does not matter).
7.
8. Select the switch in the link key status table, then click Accept to retrieve the TAP from the LKM
9. Repeat the above steps for each of the remaining member nodes.
Obtaining and importing the LKM certificate
Certificates must be exchanged between LKM and the encryption switch to enable mutual
authentication. You must obtain a certificate from LKM, and import it into the encryption group
leader. The encryption group leader exports the certificate to other encryption group members.
To obtain and import an LKM certificate, complete the following steps:
1. Open an SSH connection to the NetApp LKM appliance and log in.
Brocade Network Advisor SAN User Manual
53-1002167-01
from the menu task bar, or right-click an LKM group and select Link Keys.
The switch name displays in the link status table under Switch, with a Link Key Status of
Link Key requested, pending LKM approval.
This results in a Trusted link establishment package (TEP), which is needed to establish the
trusted link between the switch and the LKM appliance.
Trustees tab.
The switch is listed as openkey_trustee_<ip address>, where the IP address is the switch
IP address.
The Approve TEP dialog box displays. The TEP must be approved before a TAP can be created.
A list of recovery cards and recovery officers is displayed. TEP approval is done by a quorum of
recovery officers, using assigned recovery cards. Each recovery officer must individually insert
one of the listed recovery cards into a card reader attached to the PC or workstation, then
enter the password for that card and click Start. The procedure is repeated until a quorum of
recovery officers has approved the TEP.
Select the Link Keys tab from the Encryption Group Properties dialog box.
appliance.
host$ssh admin@10.33.54.231
admin@10.33.54.231's password:
Copyright (c) 2001-2009 NetApp, Inc.
All rights reserved
+--------------------------------+
| NetApp Appliance Management CLI |
|
Authorized use only!
+--------------------------------+
Cannot read termcapdatabase;
using dumb terminal settings.
Checking system tamper status:
No physical intrusion detected.
Steps for connecting to an LKM appliance
|
18
449
Advertisement
Chapters
Table of Contents
Troubleshooting
